Internet security code | UniCredit Bank

UniCredit Logo
Back to top

Internet Security Service

(3D Secure or Secure Code)

 

Why do we request the usage of Internet Secure Service?

UniCredit Bank from 9 December 2020 unilaterally modifies the authentication process of making card purchases via Internet in accordance with the new European Union Payments Directive (PSD2). This payments directive specifies that two authentication elements should be used in case of online bankcard transactions.
Based on this directive from 1 January 2021 banks have to demand strong customer authentication if the acquirer is operating inside the European Economic Area (EEA). Exception can be used only in specific cases (for example: low amount transactions, or if you have been previously registered your bankcard at the acquirer). From 30th December 2020 our bank will require two factor authentication (e.g. SMS and static code or mBanking/mToken authentication) in case of card purchases via the Internet when the acquirer (e.g. a webshop) is operating inside the European Economic Area (EEA).

 

Exceptions:

 a.) if the amount of transaction does not exceed HUF 10 000. This exemption can be used maximum 5 consecutive times.

 b.) if You have been registered your bankcard at the acquirer and the acquirer identified you during this registration (customer-authentication).

It is important, that if none of the exceptions above can be used, our bank is allowed to approve transactions after authentication with two factor (so-called strong customer authentication).

In practice: if you would like to pay with your card in a webshop above HUF 10 000  inside EEA and previously you have not registered your card with authentication (for example in case of  subscription) at the site of this merchant/provider, and the webshop have not been applied strong customer authentication yet, you cannot perform the purchase.
If you already have been paid 5 consecutive times under HUF 10 000  without authentication (and you have not registered your card on the site of the merchant with authentication), the sixth purchase can only be made with two factor authentication.

 

According to the intention of regulator the risk of fraud can be decreased by using two authentication elements in case of internet purchases.

The essence of the service is that during internet purchases after entering usual card data you have to authenticate the transaction to complete it. The authentication can happen with two methods:

1. If you have an activated mobile application service [UniCredit mBanking] or an mToken service you can confirm your internet purchases conveniently and simply with your UniCredit mBanking application. It is important that for this purpose you have to allow push notifications on your mobile phone. You can allow push notification with two methods:

    a.    after login into [UniCredit mBanking] service you select More menu in the right bottom corner, afterward Settings followed by Push notifications submenu and turn on Messages and other events function, or

    b.    if you have mToken service, after successful login select the cogwheel mToken settings icon in the upper right corner and turn on mToken push function.

2. If you do not have an activated mobile application service [UniCredit mBanking] or mToken service with us (or the service is not available temporarily for technical reasons), our bank will send a unique code (dynamic code) via SMS to your mobile phone number registered in our system. During internet purchases you have to enter this code in a pop-up window followed by your PIN for the Telephone Banking service [UniCredit Telephone Bank] (static code).

You can meet with the above described authentication at more and more retailers, as the referenced European Union Payments Directive has an effect on acquires within the EU. These sites display the following logos: “VISA Secure “, “Verified by Visa” or “Masterard ID Check”. With the retailers, who did not join this service, you can pay as usual, by providing your card data and CVC2/CVV2 code.

1. Dynamic code: in case of two factor authentication during internet purchases the cardholder receives a one-time, unique security code which has to be additionally entered in a separate pop-up window after entering usual payment and card data.
Internet Security Code is unique at every purchase and the bank sends it via SMS to the registered mobile phone number of the cardholder. This way if a third person takes hold of the card data, without the security code sent to the mobile phone number he will not be able to execute the internet purchase.

2. Static code: after entering the internet security code received via SMS you have to type your PIN for the Telephone Banking service [UniCredit Telephone Bank] (as static code) to successfully perform your purchase.

1)     start the payment process in the web shop;

2)     enter the card details on the payment page and start the transaction;

3)     an authentication window will then pop up, where you can read about the next steps;

4)     you will then receive a push notification to the mobile telephone on which you use your activated [UniCredit Mobile Bank] or mToken service;

5)    click on the push notification to check the transaction details (merchant, transaction amount);

6)     if all the details are correct, you can click on the ‘Confirm’ button to confirm the transaction with your PIN code or biometric identification;

7)     once a transaction has been successfully approved, its processing will start;

8)     click on the ‘Next’ button in the authentication process window;

9)    in the next window, also click on ‘Next’; this will return you to the merchant’s website, where you will receive your confirmation of the successful transaction.

  • Do I have to reactivate the service if my card expires or I have to replace it (e.g. it is lost)?

    If the card is renewed or replaced, the service remains active; reactivation is not required. In the event of renewal of cards (if the renewed card is activated with a transaction that requires a PIN), the Internet Security service for the renewed card becomes available again at the latest at 2.00 p.m. on the day after the card has been activated.
 
  • How long does the security code sent in the text message remain valid?

    The security code received during an online purchase is valid for at least 5 minutes; then, if it is not used, it automatically becomes inactive.
 
  • What happens if I enter an incorrect code?

    If you enter the Telephone Banking PIN code or the security code (received in the text message) incorrectly, you can retype the correct code(s).
 
  • What happens if I enter an incorrect code several times?

    For security reasons, if you enter an incorrect code five times in a row, the Internet Security Service will be blocked, and no transactions can be carried out at retailers using Internet Security Codes until the service is unblocked.
 
  • how can I unblock the service?

    In order to unblock the service, please call our Telebank on +36 1/20/30/70 325-3200. If you select menu option 8, then option 1, our colleagues at Card Customer Service will reactivate the service for you.
 
  • What happens if the security service is not available on the retailer’s website?

    The Internet Security Code service does not affect purchases in web shops where the retailer is not associated with the Internet Security Code service. In such cases, you will not receive a verification code during your online purchases; the transaction will be carried out without this step.
 
  • Where can I find my Telephone Banking PIN? How do I know if I have one?

    If you signed a Telephone Bank contract you received a closed (perforated) envelope which contains your Telephone Banking PIN.  If you are private client with access to Telephone Banking Service, you have the possibility to give a new PIN after entering [UniCredit eBanking]. To reach this function in [UniCredit eBanking] after selecting Banking menu scroll down to Details and services part, where you can find TELEPHONE BANKING menu. If you cannot use Internet Banking service [UniCredit eBanking], and you do not remember you contracted for Telephone Banking service, please contact our colleagues via phone number +36 (1/20/30/70) 325 3200 and followed by an identification based on personal data they will able to inform you.
    If you had not contracted for Telephone Bank as a cardholder, the bank – as first step of preparation to the new authentication regulation – created a restricted Telephone Banking access for you and we sent your PIN via post to your registered post address in June 2020. With this restricted access of Telephone Banking you can authenticate your online bankcard transactions and you can identify yourself in Telephone Banking system when you call customer service in case of technical issue or during card activation.
 
  • What should I do if I do not remember my Telephone Banking PIN?

    • If you have Internet bank Services [UniCredit eBanking] you can give a new PIN after entering [UniCredit eBanking]. To reach this function in [UniCredit eBanking] after selecting Banking menu scroll down to Details and services part, where you can find TELEPHONE BANKING menu.
    • If you do not have Internet bank Services [UniCredit eBanking] please visit any of our branch offices personally, where our colleagues will be able to contract with you for Internet Banking Services [UniCredit eBanking] or provide you a new Telephone Banking PIN.
    • If you have a bankcard as an employee of a partner company, you can contact your relationship manager.

 

Please keep in mind that the internet security code service cannot serve as a substitute for measures to protect your computer system (firewall, password, antivirus, access code, encryption, confidentiality, other system safety measures). Please also ensure before every purchase that the web shop or other online service provider with whom you will make an online transaction has the necessary security protocols in place, and has taken the necessary steps to ensure the safety of the data you provide.

Spinning wheel animation

Loading

UniCredit Logo

Manage your Privacy

With aim to improve your user experience UniCredit Bank Hungary Zrt. uses cookies (also analytical, advertising, and third-party cookies) on our website. If you agree to the installation of all the listed cookies, click "ACCEPT ALL COOKIES", otherwise you can always edit the consents in "COOKIE SETTINGS". To learn more, see the separate page Cookie policy.